class Castle::Headers::Extract

used for extraction of cookies and headers from the request

Constants

ALWAYS_ALLOWLISTED

Headers that we will never scrub, even if they land on the configuration denylist.

ALWAYS_DENYLISTED

Headers that will always be scrubbed, even if allowlisted.

Public Class Methods

new(headers, config = nil) click to toggle source

@param headers [Hash] @param config [Castle::Configuration, Castle::SingletonConfiguration, nil]

# File lib/castle/headers/extract.rb, line 17
def initialize(headers, config = nil)
  @headers = headers
  @config = config || Castle.config
  @no_allowlist = @config.allowlisted.empty?
end

Public Instance Methods

call() click to toggle source

Serialize HTTP headers @return [Hash]

# File lib/castle/headers/extract.rb, line 25
def call
  @headers.each_with_object({}) { |(name, value), acc| acc[name] = header_value(name, value) }
end

Private Instance Methods

header_value(name, value) click to toggle source

scrub header value @param name [String] @param value [String] @return [TrueClass | FalseClass | String]

# File lib/castle/headers/extract.rb, line 35
def header_value(name, value)
  return true if ALWAYS_DENYLISTED.include?(name)
  return value if ALWAYS_ALLOWLISTED.include?(name)
  return true if @config.denylisted.include?(name)
  return value if @no_allowlist || @config.allowlisted.include?(name)

  true
end